this post was submitted on 05 Aug 2023

426 points (97.1% liked)

Piracy: ꜱᴀɪʟ ᴛʜᴇ ʜɪɢʜ ꜱᴇᴀꜱ

54462 readers

356 users here now

⚓ Dedicated to the discussion of digital piracy, including ethical problems and legal advancements.

Rules • Full Version

1. Posts must be related to the discussion of digital piracy

2. Don't request invites, trade, sell, or self-promote

3. Don't request or link to specific pirated titles, including DMs

4. Don't submit low-quality posts, be entitled, or harass others

Loot, Pillage, & Plunder

📜 c/Piracy Wiki (Community Edition):

💰 Please help cover server costs.


Ko-fi	Liberapay

founded 1 year ago

MODERATORS

[email protected]

426

Anyone who downloaded the GOG Baldur's Gate 3 release from 1337x, scan with Malwarebytes asap! (kbin.social)

submitted 1 year ago by [email protected] to c/[email protected]

80 comments fedilink hide all child comments

Originally posted over on /r/piracy (https://www.reddit.com/r/Piracy/comments/15itrip/1337x_admins_allowing_bg3_torrent_with_bitcoin/)

It looks like a bitcoin miner was included in the installer, and the admins on 1337x may or may not give a shit apparently. Scanned my pc and my wifes and found the same stuff the others mentioned.

According to the other comments, don't feel the need to uninstall as the miner was installed separate to the game, just give a Malwarebytes scan to get rid of the junk.

top 50 comments

sorted by: hot top controversial new old

[–] [email protected] 114 points 1 year ago (3 children)

It's even worse apparently. Apparently someone looked at where the coins are going, and the coins are going to the 1337x admins, and the uploader is just getting a cut of those coins. Which explains why the admins are unlikely to really care because they're profiting off their users.

I have severe trust issues with any kind of pirated software so I basically never download it as a result, and shit like this is why. Even private trackers and "trusted" groups aren't enough for me to download most software.

[–] [email protected] 32 points 1 year ago (1 children)

Do you have any evidence of that?

[–] [email protected] 38 points 1 year ago

[–] [email protected] 28 points 1 year ago

can we get some proof? this is really interesting. I'd like to see how they're tracking stuff

[–] [email protected] 14 points 1 year ago (1 children)

How did they figure that out?

[–] [email protected] 45 points 1 year ago (2 children)

Crytpo isn't inherently anonymous. you can easily follow coins.

[–] [email protected] 10 points 1 year ago

You can follow the wallet address , but unles you know who the address belongs to, you can't follow it. So we ask again, where the proof that the coins went to site admins?

[–] [email protected] 101 points 1 year ago

For gog games you can check the digital signature on the installer to make sure it's legit. It should be signed by GOG.

[–] [email protected] 83 points 1 year ago (6 children)

If you aren't scanning every software you download, whether a pirate torrent or normal direct download, that's kinda your own fault

[–] [email protected] 79 points 1 year ago (2 children)

Motherfuckers out here rawdogging the internet like it's 1998.

[–] [email protected] 16 points 1 year ago

It just feels better… I can’t feel the bits otherwise.

[–] [email protected] 9 points 1 year ago

Even in '98, that was fucking stupid.

[–] [email protected] 73 points 1 year ago (3 children)

To be fair, I cannot remember a software where no anti virus program turned red. Those cracks always look suspicous to the heuristics.

[–] [email protected] 24 points 1 year ago (1 children)

Of course but it's usually pretty easy to filter out the false positives that always appear as a Trojan (because of the file modification payload) vs a crypto miner

[–] [email protected] 10 points 1 year ago

Do you have a guide or anything I can checkout? I usually google what flags show up and use big name uploaders but never know for sure.

[–] [email protected] 5 points 1 year ago

They usually say something generic like HackTool.

load more comments (1 replies)

[–] [email protected] 18 points 1 year ago (1 children)

Oh 100%. Was a dumb moment where I didn't expect it and didn't bother, and neither did a lot of other people from the looks of it. Good thing is it was something fixable in less than 5 mins and not a bigger problem.

[–] [email protected] 7 points 1 year ago (1 children)

I would completely reformat all affected machines. AVs are not perfect. Yes it sucks, but imagine the consequences of doing any form of banking on an infected machine.

load more comments (1 replies)

load more comments (3 replies)

[–] [email protected] 64 points 1 year ago (1 children)

You shouldn't trust anything uploaded there by IGGGames. They've been caught before adding miners to their files. I downloaded the rune release somewhere else seeing as they were the uploader on 1337x. I only really use 1337x for fitgirl repacks.

[–] [email protected] 18 points 1 year ago (1 children)

Why not from fitgirl page directly?

[–] [email protected] 8 points 1 year ago

I mean I do grab the torrent link from the fitgirl site, but I find the torrent faster to download than the direct download links.

[–] [email protected] 61 points 1 year ago (1 children)

Just popping in to say that if you enjoy the game and if you are financially able to, buy the game properly to support the developers, especially Larian Studios.

[–] [email protected] 19 points 1 year ago

If a dev studio should be financially incentivized to keep doing what they're doing, it's this one

[–] [email protected] 49 points 1 year ago (1 children)

LOL idiots BG3 is DRM Free just get the GOG installer, surely people mirror that shit, I've seent it before.

load more comments (1 replies)

[–] [email protected] 35 points 1 year ago (1 children)

Dont be mad at me but I bought the game from GOG :)

[–] [email protected] 40 points 1 year ago* (last edited 1 year ago) (1 children)

I mean, it's an mtx-free, drm-free, full feature game. If BG3 isn't worth paying for, I don't know what is.

[–] [email protected] 8 points 1 year ago

Yes. If such developers are not awarded then they will also switch to the dark side.

[–] [email protected] 24 points 1 year ago

I reported it on 1337x earlier today, but they aren't very responsive. Fitgirl has it listed as an upcoming repack, so hopefully not long to wait for a clean copy.

[–] [email protected] 21 points 1 year ago (1 children)

I opened this post all scared that I might've accidentally downloaded malware and my fuckin' AV alerted

yeah yeah I know piracy and AVs don't generally mix

[–] [email protected] 5 points 1 year ago (1 children)

I get a notification of malware from that address pretty often, could someone explain what it is?

load more comments (1 replies)

[–] [email protected] 11 points 1 year ago (1 children)

Empress was right

[–] [email protected] 7 points 1 year ago (5 children)

Has anyone seen anything on the DODI release or is it clean?

[–] [email protected] 13 points 1 year ago* (last edited 1 year ago) (6 children)

The DODI repack is based on the RUNE release which I believe is clean. Another commenter claims a found Trojan but there are others who found nothing, and imo it's probably just the usual crack shenanigans.

Edit: See replies! It seems there are tainted versions of the repack out there, but there are clean ones too. Remember to keep a critical eye on your sites and uploaders in addition to your release groups. There's a useful link in a reply to me below showing what you might see if you've downloaded a bad one.

[–] [email protected] 8 points 1 year ago

There's no need for a crack on this game, it's available on GOG which is always DRM free.

load more comments (5 replies)

[–] [email protected] 6 points 1 year ago

There are claims from comments on torrent galaxy that dodis release has the same bitcoin miner:

https://www.reddit.com/r/Piracy/comments/15ivtzk/dodi_verified_release_on_tg_has_crypto_miner/

I hope someone can get to the bottom of this

load more comments (3 replies)

[–] [email protected] 4 points 1 year ago (10 children)

isnt malwarebytes kinda crap these days?

[–] [email protected] 17 points 1 year ago

Nah they do a good job. They are having intrusive popups asking you to subscribe to their paid tier for scheduled searches and real time protection, but if you know what you want/need, the free version is alright.

load more comments (9 replies)

load more comments